sox-demo (Python + SQL SOX Testing Demo)

A small demo project showing how GRC Engineering / SOX ITGC testing can be implemented with:

• Python for parsing + control logic + evidence generation
• SQL for repeatable, auditor-friendly control tests (SQLite)

This project uses synthetic sample data (no production systems).

What’s included

Python (SOX testing scripts)

• src/run_access_control_tests.py
  • Parses CloudTrail-style IAM events
  • Correlates to “approved access” list (simulating ServiceNow/Jira approvals)
  • Flags exceptions (no approval, after-hours)
• src/run_change_mgmt_tests.py
  • Tests “deployments must have approved change tickets”
  • Flags deploy-before-approval and out-of-window deployments
• src/run_data_integrity_tests.py
  • Reconciles source vs reporting totals and row counts
  • Flags missing records, variances, duplicates, nulls

Each script produces:

• output/*.csv evidence
• output/*_metadata.json run metadata (inputs, hashes, timestamps, counts)

SQL (SOX-style control tests)

• sql/01_access_controls.sql
• sql/02_change_management.sql
• sql/03_data_integrity.sql

These run against a local SQLite database created by the Python scripts: output/sox_demo.db.

Quick start

cd sox-demo
python -m venv .venv
source .venv/bin/activate  # Windows: .venv\Scripts\activate
pip install -r requirements.txt

# Run all controls (creates output/sox_demo.db and evidence files)
python src/run_all.py

sox-demo-scripts